Wednesday, October 23, 2013

SetUID means "set user ID upon execution". We can check whether the SetUID bit is set on a file by long-listing the file's details, as below.

[linuxconcepts@localhost test]$ cat > setuid.sh
#!/bin/sh
echo "SET USER ID BIT";
date
[linuxconcepts@localhost test]$

[linuxconcepts@localhost test]$ ls -l setuid.sh
-rw-rw-r--. 1 linuxconcepts linuxconcepts 39 Oct 23 12:08 setuid.sh

[linuxconcepts@localhost test]$ chmod 4755 setuid.sh

[linuxconcepts@localhost test]$ ls -l setuid.sh
-rwsr-xr-x. 1 linuxconcepts linuxconcepts 39 Oct 23 12:08 setuid.sh

[linuxconcepts@localhost test]$

We can also set the setUID bit with the following method:

[linuxconcepts@localhost test]$ touch setuid1.sh

[linuxconcepts@localhost test]$ ls -l setuid1.sh
-rw-rw-r--. 1 linuxconcepts linuxconcepts 0 Oct 23 13:22 setuid1.sh

[linuxconcepts@localhost test]$ chmod u+s setuid1.sh

[linuxconcepts@localhost test]$ ls -l setuid1.sh
-rwsrw-r--. 1 linuxconcepts linuxconcepts 0 Oct 23 13:22 setuid1.sh

[linuxconcepts@localhost test]$

We can see the letter ‘s’ in the permissions of the setuid.sh file after we change its permissions to 4755. We put a 4 before the actual permission digits to set the setUID bit on a file.
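The check described above, as an added example that is not part of the original post: it reads the owner-execute position of the `ls -l` mode string, where `ls` prints a lowercase `s` when the setUID bit and owner execute permission are both set and an uppercase `S` when the bit is set without execute permission. The function names `setuid_state` and `list_setuid` and the scratch directory are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: function names and the temporary directory are illustrative.

# Print "setuid+exec", "setuid-noexec" or "none" for one file,
# based on the 4th character of its `ls -l` mode string.
setuid_state() {
    [ -e "$1" ] || return 1
    case $(ls -ld -- "$1" | cut -c4) in
        s) echo "setuid+exec" ;;    # setUID bit and owner execute both set
        S) echo "setuid-noexec" ;;  # setUID bit set, owner has no execute bit
        *) echo "none" ;;           # plain x or -: setUID bit not set
    esac
}

# List every regular file under a directory that carries the setUID bit.
list_setuid() {
    find "$1" -type f -perm -4000 | sort
}

# Constructed sample files, created in a scratch directory and removed again.
demo() {
    dir=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho "SET USER ID BIT";\ndate\n' > "$dir/setuid.sh"
    : > "$dir/setuid1.sh"
    : > "$dir/plain.sh"
    chmod 4755 "$dir/setuid.sh"                               # octal form
    chmod 664 "$dir/setuid1.sh"; chmod u+s "$dir/setuid1.sh"  # symbolic form
    chmod 644 "$dir/plain.sh"
    for f in setuid.sh setuid1.sh plain.sh; do
        printf '%-12s %s\n' "$f" "$(setuid_state "$dir/$f")"
    done
    echo "Files with the setUID bit:"
    list_setuid "$dir"
    rm -rf "$dir"
}

demo
```

`list_setuid` can be pointed at any directory to review which files carry the bit.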

Benefit: When we set the setUID bit in Linux, the script executes with its owner's permissions. This means that if any user who has execute permission runs the script, it executes with the owner's permissions.

Generally, the setUID bit on scripts is disabled in most Unix-like operating systems because it is insecure: it gives full access to execute the script with the owner's permissions.